CTB virus

Customer called and says message quotes CBT Encription ...

Looks like rogue virus looking for €

How to solve this ?
feck1Asked:
Who is Participating?
 
rindiCommented:
Disconnect the PC from the internet, then report the incident to the authorities. Although they will be unlikely to be able to help, it is still good to have them involved, as the more info they get, the likelier it will be that they can eventually be able to track the crooks down.

Then, once they have given their OK, scan the PC using malwarebytes so the virus can be removed. After that, if you are very lucky, you might be able to use the "previous version" to recover the file (right click the file you want to recover, select "Properties", then "Previous Versions", and if there are such previous versions available you can restore from that). But as this virus tries to delete any previous versions, that will be very unlikely to work.

A much better way is to just restore the files from the client's backups.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.